CVE-2007-3262 — Missing Release of Memory after Effective Lifetime in IBM Websphere Application Server

3 documents3 sources

Severity

7.8HIGHNVD

EPSS

2.2%

top 15.46%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Websphere Application Server

Timeline

PublishedJun 19

Latest updateMay 1

Description

Unspecified vulnerability in the Default Messaging Component in IBM WebSphere Application Server (WAS) 6.1.0.7 and earlier allows remote attackers to cause a denial of service related to a thread hang, and possibly related to a "TCP issue," or to MPAlarmThread and a resultant memory leak.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

▶NVDibm/websphere_application_server6.1.0.7

Patches

Patch: secunia.com ↗Patch: www-1.ibm.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-gv62-262h-h9q4: Unspecified vulnerability in the Default Messaging Component in IBM WebSphere Application Server (WAS) 6↗2022-05-01

▶

CVEList

CVE-2007-3262: Unspecified vulnerability in the Default Messaging Component in IBM WebSphere Application Server (WAS) 6↗2007-06-19

▶